Only one of three national breach notification bills that won approval in the Senate Judiciary Committee last week would address a gap in protections for healthcare information, says Harley Geiger of the Center for Democracy & Technology.
Take a look at the contract that the Department of Health and Human Services entered with KPMG to conduct HIPAA compliance audits and you'll get a few insights on what healthcare organizations can expect.
"We find a lot of security professionals saying, 'I'm just going to get another certification, or I'm going to get deeper into this technology skill,'" says researcher David Foote. "That's not going to get you very far."
Michigan CTO Dan Lohrmann will head a new operation to provide state agencies with a single organization charged with the oversight of risk management and security issues associated with state assets, property, systems and networks.
While it's good to see more privacy and security details included in the final version of the Federal Health IT Strategic Plan, much work remains to ensure patient information is protected when it's exchanged.
"The tech fellows will be given the challenge of working with the projects and complex systems that are only available when working in federal IT," Federal CIO Steven VanRoekel says. "This is the competitive advantage that the federal government holds against the private sector."
Intelligence expert Terry Roberts says cyber intelligence, a new approach to IT security, could make significant gains in the coming year. "The good thing is, this isn't really rocket science," says the chair of the Intelligence and National Security Alliance's Cyber Council.